U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
  • CPE Name Search: true
There are 70 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2015-1931

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

Published: September 28, 2022; 11:15:11 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2014-1947

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

Published: February 17, 2020; 4:15:12 PM -0500
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

Published: January 23, 2020; 3:15:11 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2015-8779

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

Published: April 19, 2016; 5:59:05 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2015-8778

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

Published: April 19, 2016; 5:59:04 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2015-8776

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

Published: April 19, 2016; 5:59:04 PM -0400
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.

Published: December 07, 2015; 3:59:06 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-0272

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

Published: November 17, 2015; 10:59:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-2695

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

Published: November 08, 2015; 10:59:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-4830

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

Published: October 21, 2015; 5:59:44 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-3209

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

Published: June 15, 2015; 11:59:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-4106

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

Published: June 03, 2015; 4:59:09 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2015-0797

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

Published: May 14, 2015; 6:59:00 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-2576

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

Published: April 16, 2015; 1:00:07 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-2575

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

Published: April 16, 2015; 1:00:07 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2015-2573

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Published: April 16, 2015; 1:00:05 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-2571

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Published: April 16, 2015; 1:00:04 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-2568

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

Published: April 16, 2015; 1:00:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0505

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Published: April 16, 2015; 12:59:54 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2015-0501

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.

Published: April 16, 2015; 12:59:50 PM -0400
V3.x:(not available)
V2.0: 5.7 MEDIUM